Merge pull request #74 from signalsciences/fixbuild

import gpg key
signalsciences · Sep 1, 2022 · a7a04c4 · a7a04c4
2 parents 5c84625 + 4ad9c56
commit a7a04c4
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 1 deletion.
diff --git a/.github/actions/gpg-import.yml b/.github/actions/gpg-import.yml
@@ -0,0 +1,25 @@
+# action.yml
+name: "GPG key import"
+description: "Import private GPG key"
+runs:
+  using: "composite"
+  steps:
+    - run: |
+        #
+        echo -e "${{ env.GPG_PRIVATE_KEY }}" | gpg --import --batch --no-tty
+        echo "hello world" > temp.txt
+        gpg --detach-sig --yes -v --output=/dev/null --pinentry-mode loopback --passphrase "${{ env.PASSPHRASE }}" temp.txt
+        rm temp.txt
+      shell: bash
+      name: import GPG key and prime passphrase
+    - id: gpg-fingerprint
+      run: |
+        fingerprint=$(gpg --with-colons --list-keys | awk -F: '/^pub/ { print $5 }')
+        echo "::set-output name=fingerprint::$fingerprint"
+      shell: bash
+      name: set gpg fingerprint output
+
+outputs:
+  fingerprint:
+    description: "Fingerprint of the GPG key (recommended as user ID)"
+    value: ${{ steps.gpg-fingerprint.outputs.fingerprint }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -32,7 +32,7 @@ jobs:
       -
         name: Import GPG key
         id: import_gpg
-        uses: hashicorp/ghaction-import[email protected]
+        uses: ./.github/actions/gpg-import
         env:
           # These secrets will need to be configured for the repository:
           GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}